On Tue, 2014-06-17 at 15:23 -0400, Rob Crittenden wrote:
> Simo Sorce wrote:
> > On Tue, 2014-06-17 at 17:59 +0200, thierry bordaz wrote:
> >>           * ipa stageuser-add <login> --from-delete
> >>
> >>             It moves a deleted entry to staging container where
> >>
> >>                 uidNumber: <unchanged, so it is preserved from the
> >>                 prevous active account>
> >>                 gidNumber: <unchanged, so it is preserved from the
> >>                 prevous active account>
> >>                 ipaUniqueID: autogenerate (reset to autogenerate)
> > 
> > Why are you resetting the unique id ?
> Read back a few in the thread. I suggested, perhaps incorrectly, that
> given that there should be no more references to the user once they go
> into deleted or staged, it may be ok to reset this value.

Well, let me reiterate, the deleted bucket is for those environments
where they have a mandate (regulation, law, policy, etc..) to never
delete users and reinstate users if they are deleted.
So all uniquely identifying information should be preserved in case the
object is revived. This means we need to do our best to preserve all
these attributes if we can.


Simo Sorce * Red Hat, Inc * New York

Freeipa-devel mailing list

Reply via email to